package cn.jbit.realem;
import java.util.HashSet;
import java.util.Set;

import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;
import org.springframework.beans.factory.annotation.Autowired;

import cn.jbit.pojo.User;
import cn.jbit.user.service.UserService;

/**
 *Realm：域，Shiro从从Realm获取安全数据（如用户、角色、权限），
   * 就是说SecurityManager要验证用户身份，那么它需要从Realm获取
   * 相应的用户进行比较以确定用户身份是否合法；也需要从Realm得到用户
   * 相应的角色/ 权限进行验证用户是否能进行操作；可以把Realm看成DataSource，
   * 即安全数据源。
 *@author Administrator
 *
 */
public class ShiroRealem extends AuthorizingRealm{

	@Autowired
	private UserService userService;
	
	// 认证  英文翻譯（身份验证信息）
	@Override
	protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken)
			throws AuthenticationException {
		// 将登录方法中存入令牌中的帐号取出来
		if (authenticationToken.getPrincipal() == null) {
			return null;
		}
		// 获取用户信息
		String userPhone = authenticationToken.getPrincipal().toString();
		
		//authenticationToken.getCredentials().toString()是得到密碼
		// 去数据库校验
		System.out.println("usergetUser_phone==============>"+userPhone);
		User user = userService.findUserName(userPhone);
		System.out.println("getRole_name=========>"+user.getRole().getRole_name());
		
		if (user == null){
			throw new UnknownAccountException();
		} else {
			if (!user.getRole().getRole_name().equals("普通用户")) {
				//處理盐值 是在计算其中所设置的加密密码是否相等
				//SimpleAuthenticationInfo内放置变量的顺序应与SimpleHash中设置的相同
				ByteSource salt = ByteSource.Util.bytes(user.getUser_phone());
				SimpleAuthenticationInfo simpleAuthenticationInfo = new 
						SimpleAuthenticationInfo(
								user,//用户名
								user.getUser_password().toString(),//密码
								salt,//salt=phone+salt
								user.getUser_phone());//realm phone
				return simpleAuthenticationInfo;
			}else {
				throw new UnknownAccountException();
			}
		}
	}
	@Override
	public String getName() {
		// TODO Auto-generated method stub
		return "shiroRealem";
	}
	//授权
	@Override
	protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
		User user = (User)principals.getPrimaryPrincipal();
		User user1 = userService.findUserName(user.getUser_phone());
		String roleName = user1.getRole().getRole_name();
		System.out.println("rolename========>"+user1.getRole().getRole_name());
		SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
		Set<String> pSet = new HashSet<String>();
		pSet.add(roleName);
		info.addStringPermissions(pSet);
		return info;
//		return null;
	}
	
	
	
}
